Category: Health Data

Gene Zaleski reports: The Regional Medical Center has offered identity theft coverage to about 200 patients after discovering a possible breach of its computer system. RMC President Tom Dandridge said the hospital’s auditor found an former employee’s password may have been used to access medical records. “We could not determine whether there had a been…

Joseph Lazzarotti of Jackson Lewis writes: On August 18, 2010, the Connecticut Insurance Commissioner issued Bulletin IC-25 which mandates that entities within its jurisdiction notify the Department of Insurance of any “information security incident.” This post provides a brief summary of this new requirement. […] What is an “information security incident”? Under this Bulletin, an…

German drugstore chain Schlecker has suffered a major online data breach, with the names, addresses and profiles of about 150,000 customers being exposed on the internet, the company announced Friday. A spokesman for the firm confirmed media reports that the personal data of online customers had for an unspecified time found their way onto the…

Juan Ortega reports on a case of low-tech mail theft used for medical ID theft: A Tamarac woman told a judge she stole someone’s identity and spent nearly $20,000 in ill-gotten funds, largely because she needed to replace defective breast implants and furnish her condo. Shatarka Nuby, 29, offered that explanation to U.S. District Judge…

Dom Nicastro provides some interesting data from California, where there is no “harm threshold” in mandated reporting requirements for breaches involving medical records: Since California’s new law went into effect last year, the state has received 3,766 breach reports. …. California’s investigations team has completed reviews of 1,953. It found that 98.7% of those breaches…